Commit a34b8f82 authored by Clement Bois's avatar Clement Bois

feat: trivy codequality report

parent 7a32c6d3
+1 −0
@@ -232,6 +232,7 @@ In addition to a textual report in the console, this job produces the following
|-----------------------------------| ---------------------------------------------------------------------------- | ----------------- |
| `reports/cnb-trivy-*.native.json` | native Trivy report format (json) | [DefectDojo integration](https://docs.defectdojo.com/en/connecting_your_tools/parsers/file/trivy/)<br/>_This report is generated only if DefectDojo template is detected_ |
| `reports/cnb-trivy-*.gitlab.json` | [Trivy report format for GitLab](https://aquasecurity.github.io/trivy/latest/tutorials/integrations/gitlab-ci/) format | [GitLab integration](https://docs.gitlab.com/ci/yaml/artifacts_reports/#artifactsreportscontainer_scanning) |
| `reports/cnb-trivy-*.gitlab-codequality.json` | [Trivy report format for GitLab Code Quality](https://aquasecurity.github.io/trivy/latest/tutorials/integrations/gitlab-ci/) format       | [GitLab Code Quality](https://docs.gitlab.com/ci/yaml/artifacts_reports/#artifactsreportscodequality)                                                                     |

### `cnb-publish` job

+3 −0
@@ -539,6 +539,8 @@ cnb-trivy:

    # Generate a report in the GitLab format
    trivy convert --format template --template "@/contrib/gitlab.tpl" --output reports/cnb-trivy-${basename}.gitlab.json reports/cnb-trivy-${basename}.native.json
    # Generate a report in the Code Quality format
    trivy convert --format template --template "@/contrib/gitlab-codequality.tpl" --output reports/cnb-trivy-${basename}.gitlab-codequality.json reports/cnb-trivy-${basename}.native.json

    # console output
    trivy convert --format table reports/cnb-trivy-${basename}.native.json
@@ -550,6 +552,7 @@ cnb-trivy:
      - "reports/cnb-trivy-*"
    reports:
      container_scanning: "reports/cnb-trivy-*.gitlab.json"
      codequality: "reports/cnb-trivy-*.gitlab-codequality.json"
  cache:
    - key: "$CI_COMMIT_REF_SLUG-trivy"
      paths:
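Review bot: The added `trivy convert` line under "Generate a report in the Code Quality format" expands `${basename}` unquoted in both the `--output` path and the input path, so a value containing whitespace or glob characters would be word-split by the shell. The line above it has the same pattern; quoting both arguments, `--output "reports/cnb-trivy-${basename}.gitlab-codequality.json" "reports/cnb-trivy-${basename}.native.json"`, keeps the arguments intact whatever `basename` is derived from (its assignment is outside the hunk). Separately, GitLab's Code Quality widget keys each finding on a repository file path, while an image scan presumably reports image or package targets, so it is worth confirming on a test merge request that the findings from the new `codequality:` entry render usefully and do not crowd out real code-quality results. The script block and the `artifacts:` mapping both start and end outside the visible hunks.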